This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. The flaw exists within the Tabular Data Control ActiveX module, if provided a malicious DataURL parameter a stack corruption may occur in the function CTDCCtl::SecurityCHeckDataURL. This module runs a web server waiting for vulnerable clients (Internet Explorer 6) to connect to it. When the client connects, it will try to install an agent by exploiting this vulnerability.
CVE Link
Exploit Platform
Exploit Type
Product Name